FBI rushes to assess damage hacker did

Published 4:00 am, Friday, February 17, 1995

Kevin Mitnick, the world's most-wanted hacker, "did some real damage, but it's going to take us some time before we know how much," an FBI spokesman said Friday.

"These things (computer systems) are just not secure, even though people go on a day-to-day basis thinking they are," said Special Agent Rick Smith. "Maybe that's the message."

As authorities scrambled to figure out the extent of the damage done by the nationwide penetration of computer systems, the 31-year-old Mitnick was arraigned on two felony charges of computer fraud and illegal use of a telephone access device in U.S. District Court in Raleigh, N.C.

Mitnick, wearing leg shackles and his long hair tied back with a rubber band, waived his right to a probable cause hearing and a bond hearing, and was ordered held without bail by Magistrate Wallace Dixon.

He faces up to 35 years in prison and $500,000 in fines if convicted.

The case against Mitnick involves six jurisdictions, ranging from eastern North Carolina to San Diego, and the Justice Department hasn't decided yet where the suspect will be prosecuted, Assistant U.S. Attorney Kent Walker said.

Mitnick's capture Wednesday, following a two-week electronic manhunt, would have been unlikely without the aid of civilian computer experts, law enforcement officials acknowledged.

It was the expertise of computer adepts employed by private industry that enabled the FBI to put the handcuffs on Mitnick in his Raleigh apartment.

"We have developed and continue to develop more expertise, but there are going to continue to be situations in cyberspace and in the real world in which we have to rely on individuals who have particular knowledge," Smith said Thursday in San Francisco.

The FBI has two squads of computer experts, with 10 to 15 members each, one based in San Jose, the other in Washington, D.C., Smith said.

"We have sufficient expertise, but we're always looking for additional knowledge about this field," Smith said.

"It's not something gained overnight, so we recognize the problem, at least we think we do, and we're devoting more and more manpower to it."

In the Mitnick case, both the key figures in the quest that led to his arrest are employed by private industry - Tsutomu Shimomura of the San Diego Computer Center and Hua-Pei Chen of The Well on-line service in Sausalito.

Pirated software, card numbers

While authorities said the extent of Mitnick's alleged hacking was not yet clear, an affidavit filed in U.S. District Court of North Carolina gave an indication of how widespread they believe his snooping was.

In the affidavit, FBI Special Agent Levord Burns said Mitnick's hacking of Shimomura's computer resulted in the pilfering of cellular telephone proprietary software valued at as much as $1 million.

The intruder also stole 20,000 credit card numbers from the files of Netcom On-Line Communication Services Inc. of San Jose, the affidavit said.

Walker, the assistant U.S. attorney, said it will take extensive investigation to determine where Mitnick's computer has taken him.

"It's difficult to know (the extent of damage) until we go through all the files," Walker said. "In The Well, he got as much as 500 megabytes of information, which is the equivalent of 100,000 pages."

Mitnick also allegedly tried to infiltrate the giant computer database maintained by the state Department of Motor Vehicles, spokesman Evan Nossoff said.

The DMV has released few details of Mitnick's alleged attempt to access the system, but Nossoff said the hacker sought to obtain vehicle registration or driver's license information under the guise of a police agency over several weeks in late 1992 and early 1993.

Nossoff said the activity ceased after a DMV computer operator noticed that information being requested was to be sent to a different area code than the police agency purportedly seeking it.

"At no time was he ever able to manipulate the contents of our database," Nossoff said. "He was never in our database."

He declined to say, however, whether the hacker obtained information from the DMV.

Authorities have declined to speculate on whether the hacker had capitalized commercially on the alleged computer intrusions.

Mitnick, who served a year in federal prison after pleading guilty to infiltrating Digital Equipment Corp.'s computer system and stealing 16 MCI telephone codes, violated his parole by disappearing in 1992.

Well, Netcom helped feds

The Well and Netcom both cooperated with the federal investigation to the extent of opening up their files. Walker said investigators were careful to comply with the Electronic Communications Privacy Act, which permits them such access under precisely defined procedures.

According to the FBI affidavit, Mitnick used Netcom's "points of presence" public dial-ups in various cities and used the system as "a platform to intrude and attack other computer sites while connected to Netcom."

With Shimomura's aid, Netcom set various traps for the hacker and provided the listening post that made possible the fugitive's location and capture.

Don Hutchinson, vice president of sales and marketing for Netcom, a publicly held corporation with more than 90,000 subscribers, minimized the damage caused by Mitnick's alleged intrusions.

The accounts tampered with were mostly shell accounts, he said, and "we're not, candidly, aware of any damage - illicit use of credit card numbers or anything else for that matter. It was more a case of a guy wanting to show off that he could do it."

Nevertheless, he said, "We've learned from this intrusion and our collaboration with the folks from San Diego. We think we've got a very secure system in place."

Well subscribers 'compromised'

Not so sanguine was Chuck Marson, a partner in the San Francisco law firm of Remcho Johansen Purcell and a specialist in computer privacy issues.

"I subscribe to The Well, and everybody who's on The Well was compromised by whoever did this - assuming it was Mr. Mitnick, who compromised my files by cracking into the system and manipulating it like its most highly rated supervisor.

"He could have read everything that was there. I make it a note not to put confidential things on it, but a lot of people do."
